Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Cover
Title page
Copyright
Epigraph
Acknowledgments
About the Authors
Introduction
Assessment Test
Chapter 1 Security Governance Through Principles and Policies
Understand and Apply Concepts of Confidentiality, Integrity, and Availability
Apply Security Governance Principles
Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
Understand and Apply Threat Modeling
Integrate Security Risk Considerations into Acquisition Strategy and Practice
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 2 Personnel Security and Risk Management Concepts
Contribute to Personnel Security Policies
Security Governance
Understand and Apply Risk Management Concepts
Establish and Manage Information Security Education, Training, and Awareness
Manage the Security Function
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 3 Business Continuity Planning
Planning for Business Continuity
Project Scope and Planning
Business Impact Assessment
Continuity Planning
Plan Approval and Implementation
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 4 Laws, Regulations, and Compliance
Categories of Laws
Laws
Compliance
Contracting and Procurement
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 5 Protecting Security of Assets
Classifying and Labeling Assets
Identifying Data Roles
Protecting Privacy
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 6 Cryptography and Symmetric Key Algorithms
Historical Milestones in Cryptography
Cryptographic Basics
Modern Cryptography
Symmetric Cryptography
Cryptographic Life Cycle
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 7 PKI and Cryptographic Applications
Asymmetric Cryptography
Hash Functions
Digital Signatures
Public Key Infrastructure
Asymmetric Key Management
Applied Cryptography
Cryptographic Attacks
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 8 Principles of Security Models, Design, and Capabilities
Implement and Manage Engineering Processes Using Secure Design Principles
Understand the Fundamental Concepts of Security Models
Select Controls and Countermeasures Based on Systems Security Evaluation Models
Understand Security Capabilities of Information Systems
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures
Assess and Mitigate Security Vulnerabilities
Client-Based
Server-Based
Database Security
Distributed Systems
Industrial Control Systems
Assess and Mitigate Vulnerabilities in Web-Based Systems
Assess and Mitigate Vulnerabilities in Mobile Systems
Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
Essential Security Protection Mechanisms
Common Architecture Flaws and Security Issues
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 10 Physical Security Requirements
Apply Secure Principles to Site and Facility Design
Design and Implement Physical Security
Implement and Manage Physical Security
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 11 Secure Network Architecture and Securing Network Components
OSI Model
TCP/IP Model
Converged Protocols
Wireless Networks
General Wi-Fi Security Procedure
Cabling, Wireless, Topology, and Communications Technology
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 12 Secure Communications and Network Attacks
Network and Protocol Security Mechanisms
Secure Voice Communications
Multimedia Collaboration
Manage Email Security
Remote Access Security Management
Virtual Private Network
Virtualization
Network Address Translation
Switching Technologies
WAN Technologies
Miscellaneous Security Control Characteristics
Security Boundaries
Prevent or Mitigate Network Attacks
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 13 Managing Identity and Authentication
Controlling Access to Assets
Comparing Identification and Authentication
Implementing Identity Management
Managing the Identity and Access Provisioning Life Cycle
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 14 Controlling and Monitoring Access
Comparing Access Control Models
Understanding Access Control Attacks
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 15 Security Assessment and Testing
Building a Security Assessment and Testing Program
Performing Vulnerability Assessments
Testing Your Software
Implementing Security Management Processes
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 16 Managing Security Operations
Applying Security Operations Concepts
Provisioning and Managing Resources
Managing Configuration
Managing Change
Managing Patches and Reducing Vulnerabilities
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 17 Preventing and Responding to Incidents
Managing Incident Response
Implementing Preventive Measures
Logging, Monitoring, and Auditing
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 18 Disaster Recovery Planning
The Nature of Disaster
Understand System Resilience and Fault Tolerance
Recovery Strategy
Recovery Plan Development
Training, Awareness, and Documentation
Testing and Maintenance
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 19 Incidents and Ethics
Investigations
Major Categories of Computer Crime
Incident Handling
Ethics
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 20 Software Development Security
Introducing Systems Development Controls
Establishing Databases and Data Warehousing
Storing Data and Information
Understanding Knowledge-Based Systems
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 21 Malicious Code and Application Attacks
Malicious Code
Password Attacks
Application Attacks
Web Application Security
Reconnaissance Attacks
Masquerading Attacks
Summary
Exam Essentials
Written Lab
Review Questions
Appendix A Answers to Review Questions
Chapter 1: Security Governance Through Principles and Policies
Chapter 2: Personnel Security and Risk Management Concepts
Chapter 3: Business Continuity Planning
Chapter 4: Laws, Regulations, and Compliance
Chapter 5: Protecting Security of Assets
Chapter 6: Cryptography and Symmetric Key Algorithms
Chapter 7: PKI and Cryptographic Applications
Chapter 8: Principles of Security Models, Design, and Capabilities
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
Chapter 10: Physical Security Requirements
Chapter 11: Secure Network Architecture and Securing Network Components
Chapter 12: Secure Communications and Network Attacks
Chapter 13: Managing Identity and Authentication
Chapter 14: Controlling and Monitoring Access
Chapter 15: Security Assessment and Testing
Chapter 16: Managing Security Operations
Chapter 17: Preventing and Responding to Incidents
Chapter 18: Disaster Recovery Planning
Chapter 19: Incidents and Ethics
Chapter 20: Software Development Security
Chapter 21: Malicious Code and Application Attacks
Appendix B Answers to Written Labs
Chapter 1: Security Governance Through Principles and Policies
Chapter 2: Personnel Security and Risk Management Concepts
Chapter 3: Business Continuity Planning
Chapter 4: Laws, Regulations, and Compliance
Chapter 5: Protecting Security of Assets
Chapter 6: Cryptography and Symmetric Key Algorithms
Chapter 7: PKI and Cryptographic Applications
Chapter 8: Principles of Security Models, Design, and Capabilities
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
Chapter 10: Physical Security Requirements
Chapter 11: Secure Network Architecture and Securing Network Components
Chapter 12: Secure Communications and Network Attacks
Chapter 13: Managing Identity and Authentication
Chapter 14: Controlling and Monitoring Access
Chapter 15: Security Assessment and Testing
Chapter 16: Managing Security Operations
Chapter 17: Preventing and Responding to Incidents
Chapter 18: Disaster Recovery Planning
Chapter 19: Incidents and Ethics
Chapter 20: Software Development Security
Chapter 21: Malicious Code and Application Attacks
Comprehensive Online Learning Environment
EULA
← Prev
Back
Next →
← Prev
Back
Next →